{"id":"https://openalex.org/W4378195077","doi":"https://doi.org/10.1109/tifs.2023.3280032","title":"SAFELearning: Secure Aggregation in Federated Learning With Backdoor Detectability","display_name":"SAFELearning: Secure Aggregation in Federated Learning With Backdoor Detectability","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4378195077","doi":"https://doi.org/10.1109/tifs.2023.3280032"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2023.3280032","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3280032","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056812241","display_name":"Zhuosheng Zhang","orcid":"https://orcid.org/0000-0002-2710-5115"},"institutions":[{"id":"https://openalex.org/I108468826","display_name":"Stevens Institute of Technology","ror":"https://ror.org/02z43xh36","country_code":"US","type":"education","lineage":["https://openalex.org/I108468826"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zhuosheng Zhang","raw_affiliation_strings":["Electrical and Computer Engineering Department, Stevens Institute of Technology, Hoboken, NJ, USA"],"raw_orcid":"https://orcid.org/0000-0002-2710-5115","affiliations":[{"raw_affiliation_string":"Electrical and Computer Engineering Department, Stevens Institute of Technology, Hoboken, NJ, USA","institution_ids":["https://openalex.org/I108468826"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074433692","display_name":"Jiarui Li","orcid":"https://orcid.org/0000-0002-9281-1075"},"institutions":[{"id":"https://openalex.org/I108468826","display_name":"Stevens Institute of Technology","ror":"https://ror.org/02z43xh36","country_code":"US","type":"education","lineage":["https://openalex.org/I108468826"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiarui Li","raw_affiliation_strings":["Electrical and Computer Engineering Department, Stevens Institute of Technology, Hoboken, NJ, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Electrical and Computer Engineering Department, Stevens Institute of Technology, Hoboken, NJ, USA","institution_ids":["https://openalex.org/I108468826"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063617425","display_name":"Shucheng Yu","orcid":"https://orcid.org/0000-0001-6484-4382"},"institutions":[{"id":"https://openalex.org/I108468826","display_name":"Stevens Institute of Technology","ror":"https://ror.org/02z43xh36","country_code":"US","type":"education","lineage":["https://openalex.org/I108468826"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shucheng Yu","raw_affiliation_strings":["Electrical and Computer Engineering Department, Stevens Institute of Technology, Hoboken, NJ, USA"],"raw_orcid":"https://orcid.org/0000-0001-6484-4382","affiliations":[{"raw_affiliation_string":"Electrical and Computer Engineering Department, Stevens Institute of Technology, Hoboken, NJ, USA","institution_ids":["https://openalex.org/I108468826"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5046896680","display_name":"Christian Makaya","orcid":"https://orcid.org/0000-0002-7304-419X"},"institutions":[{"id":"https://openalex.org/I108468826","display_name":"Stevens Institute of Technology","ror":"https://ror.org/02z43xh36","country_code":"US","type":"education","lineage":["https://openalex.org/I108468826"]},{"id":"https://openalex.org/I4210122178","display_name":"Hewlett Packard Enterprise (United States)","ror":"https://ror.org/020x0c621","country_code":"US","type":"company","lineage":["https://openalex.org/I4210122178"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christian Makaya","raw_affiliation_strings":["HP Inc., Palo Alto, CA, USA","Stevens Institute of Technology"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"HP Inc., Palo Alto, CA, USA","institution_ids":["https://openalex.org/I4210122178"]},{"raw_affiliation_string":"Stevens Institute of Technology","institution_ids":["https://openalex.org/I108468826"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5056812241"],"corresponding_institution_ids":["https://openalex.org/I108468826"],"apc_list":null,"apc_paid":null,"fwci":5.3348,"has_fulltext":false,"cited_by_count":32,"citation_normalized_percentile":{"value":0.96522634,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"18","issue":null,"first_page":"3289","last_page":"3304"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9807690382003784},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8288164138793945},{"id":"https://openalex.org/keywords/news-aggregator","display_name":"News aggregator","score":0.6228115558624268},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.5257787704467773},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.4940855801105499},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.483893483877182},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4381115436553955},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.43358373641967773},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.36076855659484863},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2525494694709778}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9807690382003784},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8288164138793945},{"id":"https://openalex.org/C180505990","wikidata":"https://www.wikidata.org/wiki/Q498267","display_name":"News aggregator","level":2,"score":0.6228115558624268},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.5257787704467773},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.4940855801105499},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.483893483877182},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4381115436553955},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.43358373641967773},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36076855659484863},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2525494694709778},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2023.3280032","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3280032","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5299999713897705,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4132598630","display_name":null,"funder_award_id":"ECCS#1923739","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320337392","display_name":"Division of Electrical, Communications and Cyber Systems","ror":"https://ror.org/01krpsy48"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":72,"referenced_works":["https://openalex.org/W1520914943","https://openalex.org/W1841592590","https://openalex.org/W1952161176","https://openalex.org/W1971991172","https://openalex.org/W2031738616","https://openalex.org/W2095577883","https://openalex.org/W2112507308","https://openalex.org/W2156186849","https://openalex.org/W2232997092","https://openalex.org/W2473418344","https://openalex.org/W2525846285","https://openalex.org/W2535838896","https://openalex.org/W2559840118","https://openalex.org/W2617960902","https://openalex.org/W2701059868","https://openalex.org/W2748789698","https://openalex.org/W2752689052","https://openalex.org/W2753783305","https://openalex.org/W2765200655","https://openalex.org/W2767079719","https://openalex.org/W2774423163","https://openalex.org/W2788308444","https://openalex.org/W2789911054","https://openalex.org/W2799040448","https://openalex.org/W2810065831","https://openalex.org/W2811323882","https://openalex.org/W2886444620","https://openalex.org/W2903356604","https://openalex.org/W2955213239","https://openalex.org/W2962763344","https://openalex.org/W2963106566","https://openalex.org/W2964261056","https://openalex.org/W2995164118","https://openalex.org/W3048715803","https://openalex.org/W3086895959","https://openalex.org/W3094551038","https://openalex.org/W3138153888","https://openalex.org/W3191782051","https://openalex.org/W3198262235","https://openalex.org/W4226047321","https://openalex.org/W4288578176","https://openalex.org/W4294106961","https://openalex.org/W4297687186","https://openalex.org/W4297952240","https://openalex.org/W4298221930","https://openalex.org/W4318619660","https://openalex.org/W4378977026","https://openalex.org/W6638783484","https://openalex.org/W6676935882","https://openalex.org/W6728757088","https://openalex.org/W6738250615","https://openalex.org/W6743581629","https://openalex.org/W6743821447","https://openalex.org/W6743986261","https://openalex.org/W6746720608","https://openalex.org/W6746897123","https://openalex.org/W6748082217","https://openalex.org/W6748268456","https://openalex.org/W6748786018","https://openalex.org/W6752600739","https://openalex.org/W6753342801","https://openalex.org/W6754358263","https://openalex.org/W6754708698","https://openalex.org/W6756840679","https://openalex.org/W6758201434","https://openalex.org/W6765541894","https://openalex.org/W6770634426","https://openalex.org/W6771533808","https://openalex.org/W6771536673","https://openalex.org/W6783852812","https://openalex.org/W6784772983","https://openalex.org/W6842887304"],"related_works":["https://openalex.org/W4320031223","https://openalex.org/W4200629851","https://openalex.org/W4281902577","https://openalex.org/W4309417370","https://openalex.org/W4292107232","https://openalex.org/W3009072493","https://openalex.org/W4386080799","https://openalex.org/W3140988292","https://openalex.org/W4317672133","https://openalex.org/W4386185023"],"abstract_inverted_index":{"For":[0],"model":[1,4,33,120,185],"privacy,":[2],"local":[3,52],"parameters":[5,175],"in":[6,218],"federated":[7,59],"learning":[8,60,178],"shall":[9],"be":[10],"obfuscated":[11],"before":[12],"sent":[13],"to":[14,22,50,63,103],"the":[15,172,177,189,213],"remote":[16],"aggregator.":[17],"This":[18,54],"technique":[19,61],"is":[20,123,201],"referred":[21],"as":[23,37],"<italic":[24,78,85],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[25,79,86],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">secure":[26],"aggregation</i>":[27],".":[28,91],"However,":[29],"secure":[30,68,107,138,215],"aggregation":[31,216],"makes":[32],"poisoning":[34],"attacks":[35,164],"such":[36],"backdooring":[38],"more":[39,210],"convenient":[40],"given":[41],"that":[42],"existing":[43],"anomaly":[44,115],"detection":[45,66,116],"methods":[46],"mostly":[47],"require":[48],"access":[49],"plaintext":[51],"models.":[53],"paper":[55],"proposes":[56],"a":[57],"new":[58,75,130],"SAFE-Learning":[62],"support":[64],"backdoor":[65,184,195],"for":[67,114],"aggregation.":[69],"We":[70],"achieve":[71],"this":[72],"through":[73],"two":[74],"primitives":[76,131],"-":[77],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">oblivious":[80],"random":[81,97,134,161],"grouping":[82],"(ORG)</i>":[83],"and":[84,140,205,223],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">partial":[87],"parameter":[88],"disclosure":[89,109],"(PPD)</i>":[90],"ORG":[92,122,145],"partitions":[93],"participants":[94],"into":[95],"one-time":[96],"subgroups":[98],"with":[99,157],"group":[100,154],"configurations":[101],"oblivious":[102,137],"participants;":[104],"PPD":[105],"allows":[106],"partial":[108],"of":[110,128,171,176,220],"aggregated":[111,174],"subgroup":[112,135,173],"models":[113],"without":[117,187],"leaking":[118],"individual":[119],"privacy.":[121],"based":[124,167],"on":[125,168],"our":[126],"construction":[127],"several":[129],"including":[132],"tree-based":[133],"generation,":[136],"aggregation,":[139],"randomized":[141],"Diffie-Hellman":[142],"key":[143],"exchange.":[144],"can":[146,181],"thwart":[147],"colluding":[148],"attackers":[149],"from":[150],"knowing":[151],"each":[152],"other\u2019s":[153],"membership":[155],"assignment":[156],"non-negligible":[158],"advantage":[159],"than":[160,212],"guess.":[162],"Backdoor":[163],"are":[165],"detected":[166],"statistical":[169],"distributions":[170],"iterations.":[179],"SAFELearning":[180,200],"significantly":[182],"reduce":[183],"accuracy":[186,192],"jeopardizing":[188],"main":[190],"task":[191],"under":[193],"common":[194],"strategies.":[196],"Extensive":[197],"experiments":[198],"show":[199],"robust":[202],"against":[203],"malicious":[204],"faulty":[206],"participants,":[207],"whilst":[208],"being":[209],"efficient":[211],"state-of-art":[214],"protocol":[217],"terms":[219],"both":[221],"communication":[222],"computation":[224],"costs.":[225]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":15},{"year":2024,"cited_by_count":12}],"updated_date":"2026-05-17T08:19:37.847499","created_date":"2023-05-26T00:00:00"}